Cisco Jabber For Mac vulnerabilities

CVE-2019-12645 [HIGH] CWE-20 CVE-2019-12645: A vulnerability in Cisco Jabber Client Framework (JCF) for Mac Software, installed as part of the Ci A vulnerability in Cisco Jabber Client Framework (JCF) for Mac Software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to execute arbitrary code on an affected device The vulnerability is due to improper file level permissions on an affected device when it is running Cisco JCF for Mac Software. An at

CVE-2018-0449 [MEDIUM] CWE-275 CVE-2018-0449: A vulnerability in the Cisco Jabber Client Framework (JCF) software, installed as part of the Cisco A vulnerability in the Cisco Jabber Client Framework (JCF) software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to corrupt arbitrary files on an affected device that has elevated privileges. The vulnerability exists due to insecure directory permissions set on a JCF created directory. An authentic